Crisis management

If an incident reaches a certain level of significant negative impact, it is classified as a crisis. Impact in this context involves any major negative impact to life and health, financial impact, data protection and more.

Upon a suspected crisis, the crisis management team is mobilised. The crisis management team involves Visma Group Management members as well as related and relevant members of Visma companies involved in the crisis. The crisis management process describes and initiates clear roles, responsibilities and actions to be performed and aims to prevent crisis in high impact incidents, as well as carry out crisis impact assessment, crisis handling and crisis closure.

Filing reports to the local data protection authority

Visma operates in many countries and reports shall be given in the country where the data subjects involved are located. Visma will report incidents if we are the data controller for the personal data. In cases where we are the data processor, we will inform the data controller (our customer) and they will decide if it is necessary to file a report or not. We recommend our customers to follow the guidelines from the EDPB.